get_sensor.py
#!/usr/bin/env python3
##
# Copyright 2019 Mentor Graphics
# SPDX-License-Identifier: Apache-2.0
import tanrest, json, time, sys, base64
from pprint import pprint as pp
from time import sleep
import getpass
import getopt
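def usage():
    """Print the command-line help text for get_sensor.py to stdout."""
    # The --server line used to carry "[required]" twice; it is stated once.
    # The --password entry also notes that a password given on the command
    # line is exposed to other local users, which the prompt avoids.
    print("""
Usage:
    get_sensor.py [options]

Description:
    Gets a tanium sensor by name and writes it to a file

Options:
    -h, --help      display this help and exit
    -s, --sensor    [required] name of the tanium sensor to get
    --server        [required] tanium server (ip address or dns name)
    --username      user name to connect to tanium with (defaults to logged in user)
    --password      password to connect to tanium with (will prompt if not provided;
                    a password given here is visible in the process list and in
                    shell history, so prefer the prompt)
    --persona       [optional] the persona to use for the session

Example:
    ./get_sensor.py --server 139.181.111.21 --username tanium --sensor 'Chuck Norris Fact'
""")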
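def main(argv):
    """Fetch one Tanium sensor by name and save it as sensor/<name>.json.

    Args:
        argv: command-line arguments without the program name.

    Exits with status 2 on a usage error (and after --help), and with
    status 3 when the server returns no sensor.
    """
    global loglevel
    creds = {}
    sensorname = None
    try:
        # Long options that take a value end in "="; the former "debug:"
        # declared an option literally named "--debug:" that took no value.
        opts, args = getopt.getopt(
            argv,
            "d:hs:p:q:",
            ["debug=", "help", "sensor=", "package=", "server=",
             "username=", "password=", "persona="],
        )
    except getopt.GetoptError:
        usage()
        sys.exit(2)

    for opt, arg in opts:
        if opt in ('-h', '--help'):
            usage()
            sys.exit(2)
        elif opt in ('-s', '--sensor'):
            sensorname = arg
        elif opt in ('-d', '--debug'):
            loglevel = arg
        # Exact comparison on purpose: `opt in ('--server')` is a substring
        # test against a plain string, so "-s" also matched "--server" and the
        # sensor name replaced the server the credentials are sent to; "-p"
        # likewise matched "--password" and "--persona".
        elif opt == '--server':
            creds['server'] = arg
        elif opt == '--username':
            creds['username'] = arg
        elif opt == '--password':
            creds['password'] = arg
        elif opt == '--persona':
            creds['persona'] = arg

    if sensorname is None:
        print("--sensor parameter required")
        usage()
        sys.exit(2)

    if 'server' not in creds:
        print("--server parameter required")
        usage()
        sys.exit(2)

    server = creds['server']
    scheme_probe = server.lower()
    if not scheme_probe.startswith(('http://', 'https://')):
        # Default to TLS. Testing the prefix (rather than "http" anywhere in
        # the value) keeps host names that merely contain "http" working.
        server = 'https://' + server
    elif scheme_probe.startswith('http://'):
        # An explicit http:// URL is honoured as given, but the login then
        # travels unencrypted, so say so.
        print('warning: --server uses http://; credentials will be sent in cleartext',
              file=sys.stderr)
    if '/api/v2' not in server:
        # Drop a trailing slash so the result does not contain "//api/v2".
        server = server.rstrip('/') + '/api/v2'
    creds['server'] = server

    if 'username' not in creds:
        creds['username'] = getpass.getuser()
    if 'password' not in creds:
        # Prompting keeps the password out of argv and shell history.
        creds['password'] = getpass.getpass()

    tan = tanrest.server(creds)
    sensor = tan.get_sensor(sensorname)

    # Check for a missing sensor before touching its fields; the original
    # indexed sensor["queries"] first, so this branch could never report it.
    if not sensor:
        print('error getting sensor')
        sys.exit(3)

    ##
    # replace windows carriage return with standard newline for non-windows platform scripts.
    # this is a workaround for a tanium UI bug introduced sometime around console version 2.1.702.000
    for script in sensor["queries"]:
        if script["platform"] != "Windows":
            script["script"] = script["script"].replace('\r\n', '\n')

    out = json.dumps(sensor, indent=4)

    # NOTE(review): sensorname is used verbatim as a path component. A name
    # containing a path separator or ".." resolves outside sensor/; validate
    # it here if this script is ever driven by input the operator did not type.
    with open('sensor/' + sensorname + '.json', 'w') as f:
        f.write(out)

    # json.dumps escapes non-ASCII by default, so len(out) is the byte count
    # handed to write(); __sizeof__() reported the in-memory object size.
    print('wrote ' + str(len(out)) + ' bytes to "sensor/' + sensorname + '.json"')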
#qid = tan.req('get', 'saved_questions/by-name/Running%20Applications')['data']['id']
#print tan.ask(qid)
if __name__ == "__main__":
    # Run the CLI with every argument after the script name.
    cli_args = sys.argv[1:]
    main(cli_args)